
Chapter 12

Scaling the Network with NAT and PAT

Objectives
Upon completing this lesson, you will be able to:
Describe the features and operation of NAT on Cisco routers
Use Cisco IOS commands to configure NAT, given a functioning router
Use show commands to identify anomalies in the NAT configuration, given an operational router
Use debug commands to identify events and anomalies in the NAT configuration, given an operational router

Network Address Translation

An IP address is either local or global. Local IP addresses are seen in the inside network.

Port Address Translation

Translating Inside Source Addresses

Configuring Static Translation


Router(config)#ip nat inside source static local-ip global-ip

Establishes static translation between an inside local address and an inside global address

Router(config-if)#ip nat inside

Marks the interface as connected to the inside

Router(config-if)#ip nat outside

Marks the interface as connected to the outside

Enabling Static NAT Address Mapping Example

Configuring Dynamic Translation


Router(config)#ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length}

Defines a pool of global addresses to be allocated as needed


Router(config)#access-list access-list-number permit source [source-wildcard]

Defines a standard IP access list permitting those inside local addresses that are to be translated

Router(config)#ip nat inside source list access-list-number pool name

Establishes dynamic source translation, specifying the access list defined in the prior step

Dynamic Address Translation Example

Overloading an Inside Global Address

Configuring Overloading

Router(config)#access-list access-list-number permit source source-wildcard

Defines a standard IP access list permitting those inside local addresses that are to be translated

Router(config)#ip nat inside source list access-list-number interface interface overload

Establishes dynamic source translation, specifying the access list defined in the prior step

Overloading an Inside Global Address Example

Clearing the NAT Translation Table


Router#clear ip nat translation *

Clears all dynamic address translation entries

Router#clear ip nat translation inside global-ip local-ip [outside local-ip global-ip]


Clears a simple dynamic translation entry containing an inside translation, or both inside and outside translation

Router#clear ip nat translation outside local-ip global-ip


Clears a simple dynamic translation entry containing an outside translation

Router#clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside local-ip local-port global-ip global-port]

Clears an extended dynamic translation entry

Displaying Information with show Commands


Router#show ip nat translations

Displays active translations


Router#show ip nat translation
Pro Inside global      Inside local       Outside local      Outside global
--- 172.16.131.1       10.10.10.1         ---                ---

Router#show ip nat statistics

Displays translation statistics


Router#show ip nat statistics
Total active translations: 1 (1 static, 0 dynamic; 0 extended)
Outside interfaces: Ethernet0, Serial2.7
Inside interfaces: Ethernet1
Hits: 5  Misses: 0

Using the debug ip nat Command

Router#debug ip nat

NAT: s=192.168.1.95->172.31.233.209, d=172.31.2.132 [6825]
NAT: s=172.31.2.132, d=172.31.233.209->192.168.1.95 [21852]
NAT: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6826]
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23311]
NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6827]
NAT*: s=192.168.1.95->172.31.233.209, d=172.31.1.161 [6828]
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23313]
NAT*: s=172.31.1.161, d=172.31.233.209->192.168.1.95 [23325]

Summary
Cisco IOS NAT allows an organization with unregistered private addresses to connect to the Internet by translating those addresses into globally registered IP addresses.
You can translate your own IP addresses into globally unique IP addresses when communicating outside of your network.
Overloading is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address (many-to-one) by using different ports, known also as PAT.
Once you have configured NAT, verify that it is operating as expected using the clear and show commands.
Sometimes NAT is blamed for IP connectivity problems when there is actually a routing problem.
